I never imagined that such savage repair would actually work: youtube.com/watch?v=SGVaZO3DJ_

Speck on the left is USB OTG capacitor.

Started reading Lawrence Lessig's (Creative Commons founder) Free Culture book and bam:

"A culture without property, or in which creators can't get paid, is anarchy, not freedom."

Looked through and it's full of similar smears:

> No sane sort who is not an anarchist could disagree.
> freedom need not mean anarchy
> either property or anarchy, either total control or artists won’t be paid

Wow. Chinese spies did a successful supply chain attack, planting a malicious chip into a piece of electronics manufactured in China by a US company. They "reached almost 30 U.S. companies, including Amazon and Apple, by compromising America’s technology supply chain, according to extensive interviews with government and corporate sources"
bloomberg.com/news/features/20

Updated PRISM Break's file storage & sync category to only include end-to-end encrypted software: prism-break.org/en/all/#file-s

Unless we insist on server not having access to user data, people will just rent VPS, use it as sync server, and think their data is safe. Only few have trusted physical always-on hardware, and even that is a liability (what if someone's house gets raided?).

Apparently, refusing to promote a neo-nazi den is censorship now: gitlab.com/prism-break/prism-b

Feel should've handled that better somehow.

@HerraBRE Hi, is there a SVG version of Pagekite logo? (Would like to recommend it on prism-break.org so that more people self-host on their own hardware instead of VPS).

@micahflee This is basically for the same reason: no validation on packets whatsoever. Packets that cause the key to be unimportable are clearly not RFC-compliant, but SKS still accepts those packets.

@micahflee Another SKS bug. Anyone can make a key unimportable: try `gpg --keyserver pgp.mit.edu --recv-keys 0x4F3F50786C401DCE`, it will fail. Also see pgp.mit.edu/pks/lookup?op=vind

Apparently, there is a tamper-resistant (unlike Tomu) free hardware U2F token. Unfortunately, firmware requires a proprietary tool for build.

u2fzero.com/
github.com/conorpp/u2f-zero

Reflashing my hardware GPG token (FST-01) with Gnuk 1.2.9 after a botched firmware upgrade :-(

Usually this requires a proprietary SWD debugger like ST-Link/V2. @gniibe@identi.ca has recently implemented bbg-swd, a SWD debugger on top of OpenOCD that runs on BeagleBoard devices using PRUSS (auxiliary real-time processors on TI SoCs).

I'm using PocketBeagle and some Dupont wires. Hope this would work without any soldering.

I am a NixOS developer and prism-break.org maintainer who feels strongly about free software, hardware, and society.

Mastodon

Follow friends and discover new ones. Publish anything you want: links, pictures, text, video. This server is run by the main developers of the Mastodon project. Everyone is welcome as long as you follow our code of conduct!